As part of the DMARC protocol, forensic reports may also be sent for emails that fail DMARC validation. Although the DMARC spec recommends that these forensic reports should be redacted to remove PII information, some sources do not comply with the spec. OnDMARC preventively redacts any plain email body sent by a source at the time it receives it and propagates only the character count and any URLs used in that email.

Did this answer your question?